Create definitions.md #13
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| # Glossary of Terms: Understanding Lifecycle Phases in Technology | ||
|
|
||
| This document aims to clearly define key terms related to the lifecycle of specifications, software, services, and hardware products, providing a reference for understanding various phases including but not limited to creation, releases, sales, until support termination. | ||
|
|
||
|
|
||
| **Note**: With open source software or hardware, there is typically no "end-of-sales". | ||
|
|
||
| ## 1. Software End-of-Life (SEoL) or Software End-of-Sales (SEoS) | ||
|
|
||
| **Definition:** Software End-of-Life refers to the stage in a software product's lifecycle where it is no longer sold. | ||
|
|
||
| ## 2. Hardware End-of-Life (HEoL) or Hardware End-of-Sales (HEoS) | ||
|
|
||
| **Definition:** Hardware End-of-Life signifies the phase where a piece of hardware (like a server, router, or computer component) is no longer sold by its manufacturer. | ||
|
|
||
| ## 3. End-of-Software Maintenance or Security Vulnerability Support | ||
|
There was a problem hiding this comment. I think those are two distinct things:
This also reflects what is currently done by many open source projects (not backporting new features, but keeping security up-to-date for a while) and commercial products (e.g. Windows 10) |
||
|
|
||
| **Definition:** This term indicates the final phase of a software product’s lifecycle during which the developer ceases to provide maintenance services, including security patches, bug fixes, or any other form of software updates. Beyond this point, the software may become vulnerable to security risks as new threats emerge. However, a vendor may still support technical questions and may also investigate vulnerabilities in their products without providing a fix. | ||
|
|
||
| ## 4. Last Date of Support (End-of-Support) | ||
|
There was a problem hiding this comment. A comment was received to expand this title to "Last Date of Support ( LDoS ) or End-of-Support (EoS) Date" There was a problem hiding this comment. Agree, This titles are better however shorter form EoS can get confused between End of Sale & End of Support, End of Service. If everyone agree we can use long form everywhere. There was a problem hiding this comment. I think abbreviations will occur naturally - better we define them here. So that it is clear, who gets the acronym "EoS"... |
||
|
|
||
| **Definition:** The Last Date of Support, or End-of-Support, refers to the final date when all types of support, including technical, maintenance, and security updates, will be provided for a software or hardware product. After this date, the product is considered unsupported and may pose risks or operational inefficiencies for users. | ||
|
There was a problem hiding this comment. A new item/definition that we should add is "Extended Support" as suggested in #15 There was a problem hiding this comment. This defination mostly seen on Operating System, taking a try .. please review/update. There was a problem hiding this comment. Similar to Extended Support, different segment may have a specialized term/definition. Can we allow Additional definition where a company/vendor/partner can put a custom information as text, URL ? There was a problem hiding this comment.
To be frank: That is a bad idea. A standard should cover most (if not all) use cases. Introducing a way to use own definitions will actually prevent people from leaving their old system behind and following the standard. As user, I want to have one dataset that is comparable, not hundreds and being forced to figure out the mapping between the companies definition and OpenEoX... There was a problem hiding this comment.
I had the same idea. Maybe, we need to differentiate between standard and extended support? Or paid/unpaid? There was a problem hiding this comment. I do agree with @tschmidtb51 that arbitrary definitions can lead to problems. But there are products out there with at least three different "levels" of support and I suspect others might have more. e.g. RedHat has "Full Support", "Maintenance Support", "Extended Update Support" We need to be able to model those kinds of things and I don't think the standard should mandate how many levels are allowed. There was a problem hiding this comment. I agree. Unfortunately, sometimes the tools (i.e., CMDB, vuln mgmt, scanners) will be the ones making the "interpretation" of these definitions, so we may need to find a balance. |
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to clarify somewhere that those only apply to in regards to the entity making the statement. There is an aftermarket for some things... (same applies to all definitions).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also: I would prefer to use "End-of-Sales" as definition point, if we are defining it based on the "sold" attribute.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to communicate clearly, whether EoL and EoS is the same. IMHO it is not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
EoS doesn't really apply to Open Source software and we often mark something as EoL.
So, either those are two distinct things (EoS / EoL) or the attribute "sold" should not be used.
In other words: I do agree with @tschmidtb51 that these are two distinct things.